diff --git a/.gitignore b/.gitignore index bbb959d..ae35d3a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,4 @@ +SOURCES/openjdk-icedtea-2.4.7.tar.xz SOURCES/class-rewriter.tar.gz -SOURCES/openjdk-icedtea-2.4.5.tar.xz SOURCES/pulseaudio.tar.gz SOURCES/systemtap-tapset-2013-10-02.tar.gz diff --git a/.java-1.7.0-openjdk.metadata b/.java-1.7.0-openjdk.metadata index 7db9261..84e036b 100644 --- a/.java-1.7.0-openjdk.metadata +++ b/.java-1.7.0-openjdk.metadata @@ -1,4 +1,4 @@ +f53a50d897c28b0f53cb14ecd1880857899665c1 SOURCES/openjdk-icedtea-2.4.7.tar.xz fcc167de17354efb6e52cb387eb3e7dbb0316b53 SOURCES/class-rewriter.tar.gz -bab95f0194d79843fa3e6e01c9f9c972cae75dfd SOURCES/openjdk-icedtea-2.4.5.tar.xz fb72b6b1f4735ad9b5799d0b5058b0b1dec67b17 SOURCES/pulseaudio.tar.gz 4708fedba257c5ba7aef6d416421bf207d190c5e SOURCES/systemtap-tapset-2013-10-02.tar.gz diff --git a/SOURCES/gstackbounds.patch b/SOURCES/gstackbounds.patch deleted file mode 100644 index 39a066a..0000000 --- a/SOURCES/gstackbounds.patch +++ /dev/null @@ -1,142 +0,0 @@ -diff --git a/src/os/linux/vm/os_linux.cpp b/src/os/linux/vm/os_linux.cpp ---- openjdk/hotspot/src/os/linux/vm/os_linux.cpp -+++ openjdk/hotspot/src/os/linux/vm/os_linux.cpp -@@ -2763,39 +2763,47 @@ - // writing thread stacks don't use growable mappings (i.e. those - // creeated with MAP_GROWSDOWN), and aren't marked "[stack]", so this - // only applies to the main thread. -- --static --bool get_stack_bounds(uintptr_t *bottom, uintptr_t *top) { -- -- char buf[128]; -- int fd, sz; -- -- if ((fd = ::open("/proc/self/maps", O_RDONLY)) < 0) { -+static bool -+get_stack_bounds(uintptr_t *bottom, uintptr_t *top) -+{ -+ FILE *f = fopen("/proc/self/maps", "r"); -+ if (f == NULL) - return false; -- } -- -- const char kw[] = "[stack]"; -- const int kwlen = sizeof(kw)-1; -- -- // Address part of /proc/self/maps couldn't be more than 128 bytes -- while ((sz = os::get_line_chars(fd, buf, sizeof(buf))) > 0) { -- if (sz > kwlen && ::memcmp(buf+sz-kwlen, kw, kwlen) == 0) { -- // Extract addresses -- if (sscanf(buf, "%" SCNxPTR "-%" SCNxPTR, bottom, top) == 2) { -- uintptr_t sp = (uintptr_t) __builtin_frame_address(0); -- if (sp >= *bottom && sp <= *top) { -- ::close(fd); -- return true; -- } -+ -+ while (!feof(f)) { -+ size_t dummy; -+ char *str = NULL; -+ ssize_t len = getline(&str, &dummy, f); -+ if (len == -1) { -+ fclose(f); -+ if (str != NULL) -+ free(str); -+ return false; -+ } -+ -+ if (len > 0 && str[len-1] == '\n') { -+ str[len-1] = 0; -+ len--; -+ } -+ -+ static const char *stack_str = "[stack]"; -+ if (len > (ssize_t)strlen(stack_str) -+ && (strcmp(str + len - strlen(stack_str), stack_str) == 0)) { -+ if (sscanf(str, "%" SCNxPTR "-%" SCNxPTR, bottom, top) == 2) { -+ uintptr_t sp = (uintptr_t)__builtin_frame_address(0); -+ if (sp >= *bottom && sp <= *top) { -+ free(str); -+ fclose(f); -+ return true; - } -- } -- } -- -- ::close(fd); -+ } -+ } -+ free(str); -+ } -+ fclose(f); - return false; - } - -- - // If the (growable) stack mapping already extends beyond the point - // where we're going to put our guard pages, truncate the mapping at - // that point by munmap()ping it. This ensures that when we later -diff --git a/src/share/vm/runtime/os.cpp b/src/share/vm/runtime/os.cpp ---- openjdk/hotspot/src/share/vm/runtime/os.cpp -+++ openjdk/hotspot/src/share/vm/runtime/os.cpp -@@ -1353,43 +1353,6 @@ - return result; - } - --// Read file line by line, if line is longer than bsize, --// skip rest of line. --int os::get_line_chars(int fd, char* buf, const size_t bsize){ -- size_t sz, i = 0; -- -- // read until EOF, EOL or buf is full -- while ((sz = (int) read(fd, &buf[i], 1)) == 1 && i < (bsize-2) && buf[i] != '\n') { -- ++i; -- } -- -- if (buf[i] == '\n') { -- // EOL reached so ignore EOL character and return -- -- buf[i] = 0; -- return (int) i; -- } -- -- buf[i+1] = 0; -- -- if (sz != 1) { -- // EOF reached. if we read chars before EOF return them and -- // return EOF on next call otherwise return EOF -- -- return (i == 0) ? -1 : (int) i; -- } -- -- // line is longer than size of buf, skip to EOL -- char ch; -- while (read(fd, &ch, 1) == 1 && ch != '\n') { -- // Do nothing -- } -- -- // return initial part of line that fits in buf. -- // If we reached EOF, it will be returned on next call. -- -- return (int) i; --} - - void os::SuspendedThreadTask::run() { - assert(Threads_lock->owned_by_self() || (_thread == VMThread::vm_thread()), "must have threads lock to call this"); - -diff --git a/src/share/vm/runtime/os.hpp b/src/share/vm/runtime/os.hpp ---- openjdk/hotspot/src/share/vm/runtime/os.hpp -+++ openjdk/hotspot/src/share/vm/runtime/os.hpp -@@ -672,10 +672,6 @@ - // Hook for os specific jvm options that we don't want to abort on seeing - static bool obsolete_option(const JavaVMOption *option); - -- // Read file line by line. If line is longer than bsize, -- // rest of line is skipped. Returns number of bytes read or -1 on EOF -- static int get_line_chars(int fd, char *buf, const size_t bsize); -- - // Extensions - #include "runtime/os_ext.hpp" - - diff --git a/SOURCES/java-1.7.0-openjdk-aes-buffering.patch b/SOURCES/java-1.7.0-openjdk-aes-buffering.patch deleted file mode 100644 index 0ed0f95..0000000 --- a/SOURCES/java-1.7.0-openjdk-aes-buffering.patch +++ /dev/null @@ -1,411 +0,0 @@ -diff -up openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java.sav openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java ---- openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java.sav 2012-02-14 16:12:51.000000000 -0500 -+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java 2012-05-02 14:07:20.642722122 -0400 -@@ -160,10 +160,16 @@ final class P11Cipher extends CipherSpi - // original IV, if in MODE_CBC or MODE_CTR - private byte[] iv; - -- // number of bytes buffered internally by the native mechanism and padBuffer -- // if we do the padding -+ // number of bytes buffered by the blockBuffer - private int bytesBuffered; - -+ // number of bytes buffered internally -+ private int bytesBufferedInt; -+ -+ // bytes buffered from an incomplete block -+ private byte[] blockBuffer; -+ private int blockBufferLen; -+ - P11Cipher(Token token, String algorithm, long mechanism) - throws PKCS11Exception, NoSuchAlgorithmException { - super(); -@@ -194,6 +200,9 @@ final class P11Cipher extends CipherSpi - // should not happen - throw new ProviderException(nspe); - } -+ -+ if (blockSize > 0) -+ blockBuffer = new byte[blockSize]; - } - - protected void engineSetMode(String mode) throws NoSuchAlgorithmException { -@@ -435,7 +444,9 @@ final class P11Cipher extends CipherSpi - throw ex; - } - bytesBuffered = 0; -+ bytesBufferedInt = 0; - padBufferLen = 0; -+ blockBufferLen = 0; - initialized = true; - } - -@@ -445,7 +456,7 @@ final class P11Cipher extends CipherSpi - return 0; - } - -- int result = inLen + bytesBuffered; -+ int result = inLen + bytesBuffered + bytesBufferedInt; - if (blockSize != 0) { - // minus the number of bytes in the last incomplete block. - result -= (result & (blockSize - 1)); -@@ -459,7 +470,7 @@ final class P11Cipher extends CipherSpi - return 0; - } - -- int result = inLen + bytesBuffered; -+ int result = inLen + bytesBuffered + bytesBufferedInt; - if (blockSize != 0 && encrypt && paddingType != PAD_NONE) { - // add the number of bytes to make the last block complete. - result += (blockSize - (result & (blockSize - 1))); -@@ -471,7 +482,9 @@ final class P11Cipher extends CipherSpi - private void reset() { - initialized = false; - bytesBuffered = 0; -+ bytesBufferedInt = 0; - padBufferLen = 0; -+ blockBufferLen = 0; - if (session != null) { - session = token.releaseSession(session); - } -@@ -547,48 +560,57 @@ final class P11Cipher extends CipherSpi - try { - ensureInitialized(); - int k = 0; -- if (encrypt) { -- k = token.p11.C_EncryptUpdate(session.id(), 0, in, inOfs, inLen, -- 0, out, outOfs, outLen); -- } else { -- int newPadBufferLen = 0; -- if (paddingObj != null) { -- if (padBufferLen != 0) { -- // NSS throws up when called with data not in multiple -- // of blocks. Try to work around this by holding the -- // extra data in padBuffer. -- if (padBufferLen != padBuffer.length) { -- int bufCapacity = padBuffer.length - padBufferLen; -- if (inLen > bufCapacity) { -- bufferInputBytes(in, inOfs, bufCapacity); -- inOfs += bufCapacity; -- inLen -= bufCapacity; -- } else { -- bufferInputBytes(in, inOfs, inLen); -- return 0; -- } -- } -- k = token.p11.C_DecryptUpdate(session.id(), -- 0, padBuffer, 0, padBufferLen, -- 0, out, outOfs, outLen); -- padBufferLen = 0; -- } -- newPadBufferLen = inLen & (blockSize - 1); -- if (newPadBufferLen == 0) { -- newPadBufferLen = padBuffer.length; -- } -- inLen -= newPadBufferLen; -- } -- if (inLen > 0) { -- k += token.p11.C_DecryptUpdate(session.id(), 0, in, inOfs, -+ int newBlockBufferLen = 0; -+ -+ // NSS throws up when called with data not in multiple -+ // of blocks. Try to work around this by holding the -+ // extra data in blockBuffer. -+ if (blockBufferLen != 0) { -+ if (blockBufferLen != blockBuffer.length) { -+ int bufCapacity = blockBuffer.length - blockBufferLen; -+ if (inLen >= bufCapacity) { -+ bufferInputBytes(in, inOfs, bufCapacity); -+ inOfs += bufCapacity; -+ inLen -= bufCapacity; -+ } else { -+ bufferInputBytes(in, inOfs, inLen); -+ return 0; -+ } -+ } -+ if (encrypt) { -+ k = token.p11.C_EncryptUpdate(session.id(), 0, blockBuffer, 0, -+ blockBufferLen, 0, out, outOfs, -+ outLen); -+ } else { -+ k = token.p11.C_DecryptUpdate(session.id(), 0, blockBuffer, 0, -+ blockBufferLen, 0, out, outOfs, -+ outLen); -+ } -+ blockBufferLen = 0; -+ bytesBuffered = 0; -+ } -+ -+ if (inLen == 0) -+ return k; -+ -+ newBlockBufferLen = inLen & (blockSize - 1); -+ if (!encrypt && paddingObj != null && newBlockBufferLen == 0) -+ // Hold the last block in the buffer if we need to unpad -+ newBlockBufferLen = blockBuffer.length; -+ inLen -= newBlockBufferLen; -+ -+ if (inLen > 0) { -+ if (encrypt) { -+ k = token.p11.C_EncryptUpdate(session.id(), 0, in, inOfs, - inLen, 0, out, (outOfs + k), (outLen - k)); -- } -- // update 'padBuffer' if using our own padding impl. -- if (paddingObj != null) { -- bufferInputBytes(in, inOfs + inLen, newPadBufferLen); -- } -- } -- bytesBuffered += (inLen - k); -+ } else { -+ k = token.p11.C_DecryptUpdate(session.id(), 0, in, inOfs, -+ inLen, 0, out, (outOfs + k), (outLen - k)); -+ } -+ } -+ -+ bufferInputBytes(in, inOfs + inLen, newBlockBufferLen); -+ bytesBufferedInt += (inLen - k); - return k; - } catch (PKCS11Exception e) { - if (e.getErrorCode() == CKR_BUFFER_TOO_SMALL) { -@@ -643,62 +665,65 @@ final class P11Cipher extends CipherSpi - } - - int k = 0; -- if (encrypt) { -- if (inAddr == 0 && inArray == null) { -- inArray = new byte[inLen]; -- inBuffer.get(inArray); -- } else { -- inBuffer.position(origPos + inLen); -- } -- k = token.p11.C_EncryptUpdate(session.id(), -- inAddr, inArray, inOfs, inLen, -- outAddr, outArray, outOfs, outLen); -- } else { -- int newPadBufferLen = 0; -- if (paddingObj != null) { -- if (padBufferLen != 0) { -- // NSS throws up when called with data not in multiple -- // of blocks. Try to work around this by holding the -- // extra data in padBuffer. -- if (padBufferLen != padBuffer.length) { -- int bufCapacity = padBuffer.length - padBufferLen; -- if (inLen > bufCapacity) { -- bufferInputBytes(inBuffer, bufCapacity); -- inOfs += bufCapacity; -- inLen -= bufCapacity; -- } else { -- bufferInputBytes(inBuffer, inLen); -- return 0; -- } -- } -- k = token.p11.C_DecryptUpdate(session.id(), 0, -- padBuffer, 0, padBufferLen, outAddr, outArray, -- outOfs, outLen); -- padBufferLen = 0; -- } -- newPadBufferLen = inLen & (blockSize - 1); -- if (newPadBufferLen == 0) { -- newPadBufferLen = padBuffer.length; -- } -- inLen -= newPadBufferLen; -- } -- if (inLen > 0) { -- if (inAddr == 0 && inArray == null) { -- inArray = new byte[inLen]; -- inBuffer.get(inArray); -- } else { -- inBuffer.position(inBuffer.position() + inLen); -- } -- k += token.p11.C_DecryptUpdate(session.id(), inAddr, -- inArray, inOfs, inLen, outAddr, outArray, -- (outOfs + k), (outLen - k)); -- } -- // update 'padBuffer' if using our own padding impl. -- if (paddingObj != null && newPadBufferLen != 0) { -- bufferInputBytes(inBuffer, newPadBufferLen); -- } -- } -- bytesBuffered += (inLen - k); -+ int newBlockBufferLen = 0; -+ -+ // NSS throws up when called with data not in multiple -+ // of blocks. Try to work around this by holding the -+ // extra data in blockBuffer. -+ if (blockBufferLen != 0) { -+ if (blockBufferLen != blockBuffer.length) { -+ int bufCapacity = blockBuffer.length - blockBufferLen; -+ if (inLen >= bufCapacity) { -+ bufferInputBytes(inBuffer, bufCapacity); -+ inOfs += bufCapacity; -+ inLen -= bufCapacity; -+ } else { -+ bufferInputBytes(inBuffer, inLen); -+ return 0; -+ } -+ } -+ if (encrypt) { -+ k = token.p11.C_EncryptUpdate(session.id(), 0, blockBuffer, 0, -+ blockBufferLen, outAddr, outArray, outOfs, -+ outLen); -+ } else { -+ k = token.p11.C_DecryptUpdate(session.id(), 0, blockBuffer, 0, -+ blockBufferLen, outAddr, outArray, outOfs, -+ outLen); -+ } -+ blockBufferLen = 0; -+ bytesBuffered = 0; -+ } -+ -+ if (inLen == 0) -+ return k; -+ -+ newBlockBufferLen = inLen & (blockSize - 1); -+ if (!encrypt && paddingObj != null && newBlockBufferLen == 0) -+ // Hold the last block in the buffer if we need to unpad -+ newBlockBufferLen = blockBuffer.length; -+ inLen -= newBlockBufferLen; -+ -+ if (inAddr == 0 && inArray == null) { -+ inArray = new byte[inLen]; -+ inBuffer.get(inArray); -+ } else { -+ inBuffer.position(inBuffer.position() + inLen); -+ } -+ -+ if (inLen > 0) { -+ if (encrypt) { -+ k = token.p11.C_EncryptUpdate(session.id(), inAddr, inArray, inOfs, -+ inLen, outAddr, outArray, (outOfs + k), (outLen - k)); -+ } else { -+ k = token.p11.C_DecryptUpdate(session.id(), inAddr, inArray, inOfs, -+ inLen, outAddr, outArray, (outOfs + k), (outLen - k)); -+ } -+ } -+ -+ bufferInputBytes(inBuffer, newBlockBufferLen); -+ bytesBufferedInt += (inLen - k); -+ - if (!(outBuffer instanceof DirectBuffer) && - !outBuffer.hasArray()) { - outBuffer.put(outArray, outOfs, k); -@@ -728,31 +753,42 @@ final class P11Cipher extends CipherSpi - try { - ensureInitialized(); - int k = 0; -+ if (blockBufferLen != 0) { -+ if (encrypt) { -+ k = token.p11.C_EncryptUpdate(session.id(), -+ 0, blockBuffer, 0, blockBufferLen, -+ 0, out, outOfs, outLen); -+ } else { -+ if (paddingObj == null) -+ k = token.p11.C_DecryptUpdate(session.id(), 0, -+ blockBuffer, 0, blockBufferLen, 0, -+ out, outOfs, outLen); -+ else -+ k = token.p11.C_DecryptUpdate(session.id(), 0, -+ blockBuffer, 0, blockBufferLen, 0, -+ padBuffer, 0, padBuffer.length); -+ } -+ } - if (encrypt) { - if (paddingObj != null) { - int actualPadLen = paddingObj.setPaddingBytes(padBuffer, -- requiredOutLen - bytesBuffered); -- k = token.p11.C_EncryptUpdate(session.id(), -- 0, padBuffer, 0, actualPadLen, -- 0, out, outOfs, outLen); -+ requiredOutLen - bytesBufferedInt); -+ k += token.p11.C_EncryptUpdate(session.id(), -+ 0, padBuffer, 0, actualPadLen, -+ 0, out, (outOfs + k), (outLen - k)); - } - k += token.p11.C_EncryptFinal(session.id(), - 0, out, (outOfs + k), (outLen - k)); - } else { - if (paddingObj != null) { -- if (padBufferLen != 0) { -- k = token.p11.C_DecryptUpdate(session.id(), 0, -- padBuffer, 0, padBufferLen, 0, padBuffer, 0, -- padBuffer.length); -- } - k += token.p11.C_DecryptFinal(session.id(), 0, padBuffer, k, - padBuffer.length - k); - int actualPadLen = paddingObj.unpad(padBuffer, k); - k -= actualPadLen; - System.arraycopy(padBuffer, 0, out, outOfs, k); - } else { -- k = token.p11.C_DecryptFinal(session.id(), 0, out, outOfs, -- outLen); -+ k += token.p11.C_DecryptFinal(session.id(), 0, out, (outOfs + k), -+ (outLen - k)); - } - } - return k; -@@ -793,6 +829,23 @@ final class P11Cipher extends CipherSpi - - int k = 0; - -+ if (blockBufferLen != 0) { -+ if (encrypt) { -+ k = token.p11.C_EncryptUpdate(session.id(), -+ 0, blockBuffer, 0, blockBufferLen, -+ outAddr, outArray, outOfs, outLen); -+ } else { -+ if (paddingObj == null) -+ k = token.p11.C_DecryptUpdate(session.id(), 0, -+ blockBuffer, 0, blockBufferLen, outAddr, -+ outArray, outOfs, outLen); -+ else -+ k = token.p11.C_DecryptUpdate(session.id(), 0, -+ blockBuffer, 0, blockBufferLen, 0, -+ padBuffer, 0, padBuffer.length); -+ } -+ } -+ - if (encrypt) { - if (paddingObj != null) { - int actualPadLen = paddingObj.setPaddingBytes(padBuffer, -@@ -805,12 +858,6 @@ final class P11Cipher extends CipherSpi - outAddr, outArray, (outOfs + k), (outLen - k)); - } else { - if (paddingObj != null) { -- if (padBufferLen != 0) { -- k = token.p11.C_DecryptUpdate(session.id(), -- 0, padBuffer, 0, padBufferLen, -- 0, padBuffer, 0, padBuffer.length); -- padBufferLen = 0; -- } - k += token.p11.C_DecryptFinal(session.id(), - 0, padBuffer, k, padBuffer.length - k); - int actualPadLen = paddingObj.unpad(padBuffer, k); -@@ -819,7 +866,8 @@ final class P11Cipher extends CipherSpi - outOfs = 0; - } else { - k = token.p11.C_DecryptFinal(session.id(), -- outAddr, outArray, outOfs, outLen); -+ outAddr, outArray, -+ (outOfs + k), (outLen - k)); - } - } - if ((!encrypt && paddingObj != null) || -@@ -875,14 +923,14 @@ final class P11Cipher extends CipherSpi - } - - private final void bufferInputBytes(byte[] in, int inOfs, int len) { -- System.arraycopy(in, inOfs, padBuffer, padBufferLen, len); -- padBufferLen += len; -+ System.arraycopy(in, inOfs, blockBuffer, blockBufferLen, len); -+ blockBufferLen += len; - bytesBuffered += len; - } - - private final void bufferInputBytes(ByteBuffer inBuffer, int len) { -- inBuffer.get(padBuffer, padBufferLen, len); -- padBufferLen += len; -+ inBuffer.get(blockBuffer, blockBufferLen, len); -+ blockBufferLen += len; - bytesBuffered += len; - } - } diff --git a/SOURCES/java-1.7.0-openjdk-aes-update_reset.patch b/SOURCES/java-1.7.0-openjdk-aes-update_reset.patch deleted file mode 100644 index 41753bb..0000000 --- a/SOURCES/java-1.7.0-openjdk-aes-update_reset.patch +++ /dev/null @@ -1,134 +0,0 @@ -diff --git a/src/share/classes/sun/security/pkcs11/P11Cipher.java b/src/share/classes/sun/security/pkcs11/P11Cipher.java ---- openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java -+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java -@@ -412,7 +412,8 @@ - token.p11.C_DecryptFinal(session.id(), 0, buffer, 0, bufLen); - } - } catch (PKCS11Exception e) { -- throw new ProviderException("Cancel failed", e); -+ if (e.getErrorCode() != CKR_OPERATION_NOT_INITIALIZED) -+ throw new ProviderException("Cancel failed", e); - } finally { - reset(); - } -@@ -747,6 +748,9 @@ - throws ShortBufferException, IllegalBlockSizeException, - BadPaddingException { - int requiredOutLen = doFinalLength(0); -+ boolean updating = false; -+ PKCS11Exception err = null; -+ - if (outLen < requiredOutLen) { - throw new ShortBufferException(); - } -@@ -754,6 +758,7 @@ - ensureInitialized(); - int k = 0; - if (blockBufferLen != 0) { -+ updating = true; - if (encrypt) { - k = token.p11.C_EncryptUpdate(session.id(), - 0, blockBuffer, 0, blockBufferLen, -@@ -768,14 +773,17 @@ - blockBuffer, 0, blockBufferLen, 0, - padBuffer, 0, padBuffer.length); - } -+ updating = false; - } - if (encrypt) { - if (paddingObj != null) { - int actualPadLen = paddingObj.setPaddingBytes(padBuffer, - requiredOutLen - bytesBufferedInt); -+ updating = true; - k += token.p11.C_EncryptUpdate(session.id(), - 0, padBuffer, 0, actualPadLen, - 0, out, (outOfs + k), (outLen - k)); -+ updating = false; - } - k += token.p11.C_EncryptFinal(session.id(), - 0, out, (outOfs + k), (outLen - k)); -@@ -793,10 +801,22 @@ - } - return k; - } catch (PKCS11Exception e) { -+ err = e; - handleException(e); - throw new ProviderException("doFinal() failed", e); - } finally { -- reset(); -+ if (err != null) { -+ if (err.getErrorCode() != CKR_BUFFER_TOO_SMALL) { -+ if (updating) -+ // Work around NSS not cancelling the -+ // operation on an error in update -+ cancelOperation(); -+ else -+ reset(); -+ } -+ } else { -+ reset(); -+ } - } - } - -@@ -805,6 +825,9 @@ - BadPaddingException { - int outLen = outBuffer.remaining(); - int requiredOutLen = doFinalLength(0); -+ boolean updating = false; -+ PKCS11Exception err = null; -+ - if (outLen < requiredOutLen) { - throw new ShortBufferException(); - } -@@ -830,6 +853,7 @@ - int k = 0; - - if (blockBufferLen != 0) { -+ updating = true; - if (encrypt) { - k = token.p11.C_EncryptUpdate(session.id(), - 0, blockBuffer, 0, blockBufferLen, -@@ -844,15 +868,18 @@ - blockBuffer, 0, blockBufferLen, 0, - padBuffer, 0, padBuffer.length); - } -+ updating = false; - } - - if (encrypt) { - if (paddingObj != null) { - int actualPadLen = paddingObj.setPaddingBytes(padBuffer, - requiredOutLen - bytesBuffered); -+ updating = true; - k = token.p11.C_EncryptUpdate(session.id(), - 0, padBuffer, 0, actualPadLen, - outAddr, outArray, outOfs, outLen); -+ updating = false; - } - k += token.p11.C_EncryptFinal(session.id(), - outAddr, outArray, (outOfs + k), (outLen - k)); -@@ -879,10 +906,22 @@ - } - return k; - } catch (PKCS11Exception e) { -+ err = e; - handleException(e); - throw new ProviderException("doFinal() failed", e); - } finally { -- reset(); -+ if (err != null) { -+ if (err.getErrorCode() != CKR_BUFFER_TOO_SMALL) { -+ if (updating) -+ // Work around NSS not cancelling the -+ // operation on an error in update -+ cancelOperation(); -+ else -+ reset(); -+ } -+ } else { -+ reset(); -+ } - } - } - diff --git a/SOURCES/java-1.7.0-openjdk-nss-config-1.patch b/SOURCES/java-1.7.0-openjdk-nss-config-1.patch deleted file mode 100644 index 96d7744..0000000 --- a/SOURCES/java-1.7.0-openjdk-nss-config-1.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Nru openjdk.orig/jdk/src/share/lib/security/java.security-linux openjdk/jdk/src/share/lib/security/java.security-linux ---- openjdk.orig/jdk/src/share/lib/security/java.security-linux 2011-09-22 01:56:22.000000000 +0100 -+++ openjdk/jdk/src/share/lib/security/java.security-linux 2011-09-22 13:51:56.234039451 +0100 -@@ -55,7 +55,7 @@ - # the NSS security provider was not enabled for this build; it can be enabled - # if NSS (libnss3) is available on the machine. The nss.cfg file may need - # editing to reflect the location of the NSS installation. --#security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg -+security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg - - # - # Select the source of seed data for SecureRandom. By default an diff --git a/SOURCES/java-1.7.0-openjdk-nss-config-2.patch b/SOURCES/java-1.7.0-openjdk-nss-config-2.patch deleted file mode 100644 index a763a17..0000000 --- a/SOURCES/java-1.7.0-openjdk-nss-config-2.patch +++ /dev/null @@ -1,32 +0,0 @@ ---- java.security 2011-09-22 01:56:22.000000000 +0100 -+++ java.security 2011-09-22 13:51:56.234039451 +0100 -@@ -43,19 +43,19 @@ - # - # List of providers and their preference orders (see above): - # --security.provider.1=sun.security.provider.Sun --security.provider.2=sun.security.rsa.SunRsaSign --security.provider.3=sun.security.ec.SunEC --security.provider.4=com.sun.net.ssl.internal.ssl.Provider --security.provider.5=com.sun.crypto.provider.SunJCE --security.provider.6=sun.security.jgss.SunProvider --security.provider.7=com.sun.security.sasl.Provider --security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI --security.provider.9=sun.security.smartcardio.SunPCSC -+security.provider.1=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg -+security.provider.2=sun.security.provider.Sun -+security.provider.3=sun.security.rsa.SunRsaSign -+security.provider.4=sun.security.ec.SunEC -+security.provider.5=com.sun.net.ssl.internal.ssl.Provider -+security.provider.6=com.sun.crypto.provider.SunJCE -+security.provider.7=sun.security.jgss.SunProvider -+security.provider.8=com.sun.security.sasl.Provider -+security.provider.9=org.jcp.xml.dsig.internal.dom.XMLDSigRI -+security.provider.10=sun.security.smartcardio.SunPCSC - # the NSS security provider was not enabled for this build; it can be enabled - # if NSS (libnss3) is available on the machine. The nss.cfg file may need - # editing to reflect the location of the NSS installation. --security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg - - # - # Select the source of seed data for SecureRandom. By default an diff --git a/SOURCES/java-1.7.0-openjdk-nss-split_results.patch b/SOURCES/java-1.7.0-openjdk-nss-split_results.patch deleted file mode 100644 index e4f7643..0000000 --- a/SOURCES/java-1.7.0-openjdk-nss-split_results.patch +++ /dev/null @@ -1,142 +0,0 @@ -diff --git a/src/share/classes/sun/security/pkcs11/P11Cipher.java b/src/share/classes/sun/security/pkcs11/P11Cipher.java ---- openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java -+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java -@@ -560,7 +560,8 @@ - } - try { - ensureInitialized(); -- int k = 0; -+ int bufRes = 0; -+ int inRes = 0; - int newBlockBufferLen = 0; - - // NSS throws up when called with data not in multiple -@@ -579,21 +580,21 @@ - } - } - if (encrypt) { -- k = token.p11.C_EncryptUpdate(session.id(), 0, blockBuffer, 0, -- blockBufferLen, 0, out, outOfs, -- outLen); -+ bufRes = token.p11.C_EncryptUpdate(session.id(), 0, blockBuffer, 0, -+ blockBufferLen, 0, out, outOfs, -+ outLen); - } else { -- k = token.p11.C_DecryptUpdate(session.id(), 0, blockBuffer, 0, -- blockBufferLen, 0, out, outOfs, -- outLen); -+ bufRes = token.p11.C_DecryptUpdate(session.id(), 0, blockBuffer, 0, -+ blockBufferLen, 0, out, outOfs, -+ outLen); - } -- bytesBufferedInt += (blockBufferLen - k); -+ bytesBufferedInt += (blockBufferLen - bufRes); - blockBufferLen = 0; - bytesBuffered = 0; - } - - if (inLen == 0) -- return k; -+ return bufRes; - - if (blockBuffer != null) { - newBlockBufferLen = inLen & (blockSize - 1); -@@ -606,16 +607,18 @@ - - if (inLen > 0) { - if (encrypt) { -- k = token.p11.C_EncryptUpdate(session.id(), 0, in, inOfs, -- inLen, 0, out, (outOfs + k), (outLen - k)); -+ inRes = token.p11.C_EncryptUpdate(session.id(), 0, in, inOfs, -+ inLen, 0, out, (outOfs + bufRes), -+ (outLen - bufRes)); - } else { -- k = token.p11.C_DecryptUpdate(session.id(), 0, in, inOfs, -- inLen, 0, out, (outOfs + k), (outLen - k)); -+ inRes = token.p11.C_DecryptUpdate(session.id(), 0, in, inOfs, -+ inLen, 0, out, (outOfs + bufRes), -+ (outLen - bufRes)); - } -- bytesBufferedInt += (inLen - k); -+ bytesBufferedInt += (inLen - inRes); - } - -- return k; -+ return inRes + bufRes; - } catch (PKCS11Exception e) { - if (e.getErrorCode() == CKR_BUFFER_TOO_SMALL) { - throw (ShortBufferException) -@@ -668,7 +671,8 @@ - } - } - -- int k = 0; -+ int bufRes = 0; -+ int inRes = 0; - int newBlockBufferLen = 0; - - // NSS throws up when called with data not in multiple -@@ -687,21 +691,21 @@ - } - } - if (encrypt) { -- k = token.p11.C_EncryptUpdate(session.id(), 0, blockBuffer, 0, -- blockBufferLen, outAddr, outArray, outOfs, -- outLen); -+ bufRes = token.p11.C_EncryptUpdate(session.id(), 0, blockBuffer, 0, -+ blockBufferLen, outAddr, outArray, outOfs, -+ outLen); - } else { -- k = token.p11.C_DecryptUpdate(session.id(), 0, blockBuffer, 0, -- blockBufferLen, outAddr, outArray, outOfs, -- outLen); -+ bufRes = token.p11.C_DecryptUpdate(session.id(), 0, blockBuffer, 0, -+ blockBufferLen, outAddr, outArray, outOfs, -+ outLen); - } -- bytesBufferedInt += (blockBufferLen - k); -+ bytesBufferedInt += (blockBufferLen - bufRes); - blockBufferLen = 0; - bytesBuffered = 0; - } - - if (inLen == 0) -- return k; -+ return bufRes; - - if (blockBuffer != null) { - newBlockBufferLen = inLen & (blockSize - 1); -@@ -721,22 +725,25 @@ - - if (inLen > 0) { - if (encrypt) { -- k = token.p11.C_EncryptUpdate(session.id(), inAddr, inArray, inOfs, -- inLen, outAddr, outArray, (outOfs + k), (outLen - k)); -+ inRes = token.p11.C_EncryptUpdate(session.id(), inAddr, inArray, inOfs, -+ inLen, outAddr, outArray, (outOfs + bufRes), -+ (outLen - bufRes)); - } else { -- k = token.p11.C_DecryptUpdate(session.id(), inAddr, inArray, inOfs, -- inLen, outAddr, outArray, (outOfs + k), (outLen - k)); -+ inRes = token.p11.C_DecryptUpdate(session.id(), inAddr, inArray, inOfs, -+ inLen, outAddr, outArray, (outOfs + bufRes), -+ (outLen - bufRes)); - } -- bytesBufferedInt += (inLen - k); -+ bytesBufferedInt += (inLen - inRes); - } - -+ int total = inRes + bufRes; - if (!(outBuffer instanceof DirectBuffer) && - !outBuffer.hasArray()) { -- outBuffer.put(outArray, outOfs, k); -+ outBuffer.put(outArray, outOfs, total); - } else { -- outBuffer.position(outBuffer.position() + k); -+ outBuffer.position(outBuffer.position() + total); - } -- return k; -+ return total; - } catch (PKCS11Exception e) { - // Reset input buffer to its original position for - inBuffer.position(origPos); diff --git a/SOURCES/java-1.7.0-openjdk-nss-tck.patch b/SOURCES/java-1.7.0-openjdk-nss-tck.patch deleted file mode 100644 index 56b6572..0000000 --- a/SOURCES/java-1.7.0-openjdk-nss-tck.patch +++ /dev/null @@ -1,210 +0,0 @@ -diff --git a/src/share/classes/sun/security/pkcs11/P11Cipher.java b/src/share/classes/sun/security/pkcs11/P11Cipher.java ---- openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java -+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java -@@ -69,7 +69,7 @@ - private static interface Padding { - // ENC: format the specified buffer with padding bytes and return the - // actual padding length -- int setPaddingBytes(byte[] paddingBuffer, int padLen); -+ int setPaddingBytes(byte[] paddingBuffer, int offset, int padLen); - - // DEC: return the length of trailing padding bytes given the specified - // padded data -@@ -90,8 +90,8 @@ - this.blockSize = blockSize; - } - -- public int setPaddingBytes(byte[] paddingBuffer, int padLen) { -- Arrays.fill(paddingBuffer, 0, padLen, (byte) (padLen & 0x007f)); -+ public int setPaddingBytes(byte[] paddingBuffer, int offset, int padLen) { -+ Arrays.fill(paddingBuffer, offset, offset + padLen, (byte) (padLen & 0x007f)); - return padLen; - } - -@@ -587,6 +587,7 @@ - blockBufferLen, 0, out, outOfs, - outLen); - } -+ bytesBufferedInt += (blockBufferLen - k); - blockBufferLen = 0; - bytesBuffered = 0; - } -@@ -594,11 +595,14 @@ - if (inLen == 0) - return k; - -- newBlockBufferLen = inLen & (blockSize - 1); -- if (!encrypt && paddingObj != null && newBlockBufferLen == 0) -- // Hold the last block in the buffer if we need to unpad -- newBlockBufferLen = blockBuffer.length; -- inLen -= newBlockBufferLen; -+ if (blockBuffer != null) { -+ newBlockBufferLen = inLen & (blockSize - 1); -+ if (!encrypt && paddingObj != null && newBlockBufferLen == 0) -+ // Hold the last block in the buffer if we need to unpad -+ newBlockBufferLen = blockBuffer.length; -+ inLen -= newBlockBufferLen; -+ bufferInputBytes(in, inOfs + inLen, newBlockBufferLen); -+ } - - if (inLen > 0) { - if (encrypt) { -@@ -608,10 +612,9 @@ - k = token.p11.C_DecryptUpdate(session.id(), 0, in, inOfs, - inLen, 0, out, (outOfs + k), (outLen - k)); - } -+ bytesBufferedInt += (inLen - k); - } - -- bufferInputBytes(in, inOfs + inLen, newBlockBufferLen); -- bytesBufferedInt += (inLen - k); - return k; - } catch (PKCS11Exception e) { - if (e.getErrorCode() == CKR_BUFFER_TOO_SMALL) { -@@ -692,6 +695,7 @@ - blockBufferLen, outAddr, outArray, outOfs, - outLen); - } -+ bytesBufferedInt += (blockBufferLen - k); - blockBufferLen = 0; - bytesBuffered = 0; - } -@@ -699,11 +703,14 @@ - if (inLen == 0) - return k; - -- newBlockBufferLen = inLen & (blockSize - 1); -- if (!encrypt && paddingObj != null && newBlockBufferLen == 0) -- // Hold the last block in the buffer if we need to unpad -- newBlockBufferLen = blockBuffer.length; -- inLen -= newBlockBufferLen; -+ if (blockBuffer != null) { -+ newBlockBufferLen = inLen & (blockSize - 1); -+ if (!encrypt && paddingObj != null && newBlockBufferLen == 0) -+ // Hold the last block in the buffer if we need to unpad -+ newBlockBufferLen = blockBuffer.length; -+ inLen -= newBlockBufferLen; -+ bufferInputBytes(inBuffer, newBlockBufferLen); -+ } - - if (inAddr == 0 && inArray == null) { - inArray = new byte[inLen]; -@@ -720,11 +727,9 @@ - k = token.p11.C_DecryptUpdate(session.id(), inAddr, inArray, inOfs, - inLen, outAddr, outArray, (outOfs + k), (outLen - k)); - } -+ bytesBufferedInt += (inLen - k); - } - -- bufferInputBytes(inBuffer, newBlockBufferLen); -- bytesBufferedInt += (inLen - k); -- - if (!(outBuffer instanceof DirectBuffer) && - !outBuffer.hasArray()) { - outBuffer.put(outArray, outOfs, k); -@@ -757,13 +762,22 @@ - try { - ensureInitialized(); - int k = 0; -- if (blockBufferLen != 0) { -+ if (encrypt) { -+ // Do we need to pad? -+ if (paddingObj != null) { -+ int actualPadLen = paddingObj.setPaddingBytes(blockBuffer, -+ blockBufferLen, blockSize - blockBufferLen); -+ blockBufferLen = blockSize; -+ } - updating = true; -- if (encrypt) { -- k = token.p11.C_EncryptUpdate(session.id(), -- 0, blockBuffer, 0, blockBufferLen, -- 0, out, outOfs, outLen); -- } else { -+ k = token.p11.C_EncryptUpdate(session.id(), -+ 0, blockBuffer, 0, blockBufferLen, -+ 0, out, outOfs, outLen); -+ updating = false; -+ k += token.p11.C_EncryptFinal(session.id(), -+ 0, out, (outOfs + k), (outLen - k)); -+ } else { -+ if (blockBufferLen != 0) { - if (paddingObj == null) - k = token.p11.C_DecryptUpdate(session.id(), 0, - blockBuffer, 0, blockBufferLen, 0, -@@ -773,21 +787,6 @@ - blockBuffer, 0, blockBufferLen, 0, - padBuffer, 0, padBuffer.length); - } -- updating = false; -- } -- if (encrypt) { -- if (paddingObj != null) { -- int actualPadLen = paddingObj.setPaddingBytes(padBuffer, -- requiredOutLen - bytesBufferedInt); -- updating = true; -- k += token.p11.C_EncryptUpdate(session.id(), -- 0, padBuffer, 0, actualPadLen, -- 0, out, (outOfs + k), (outLen - k)); -- updating = false; -- } -- k += token.p11.C_EncryptFinal(session.id(), -- 0, out, (outOfs + k), (outLen - k)); -- } else { - if (paddingObj != null) { - k += token.p11.C_DecryptFinal(session.id(), 0, padBuffer, k, - padBuffer.length - k); -@@ -852,38 +851,31 @@ - - int k = 0; - -- if (blockBufferLen != 0) { -+ if (encrypt) { -+ // Do we need to pad? -+ if (paddingObj != null) { -+ int actualPadLen = paddingObj.setPaddingBytes(blockBuffer, -+ blockBufferLen, blockSize - blockBufferLen); -+ blockBufferLen = blockSize; -+ } - updating = true; -- if (encrypt) { -- k = token.p11.C_EncryptUpdate(session.id(), -+ k = token.p11.C_EncryptUpdate(session.id(), - 0, blockBuffer, 0, blockBufferLen, - outAddr, outArray, outOfs, outLen); -+ updating = false; -+ k += token.p11.C_EncryptFinal(session.id(), -+ outAddr, outArray, (outOfs + k), (outLen - k)); -+ } else { -+ if (blockBufferLen != 0) { -+ k = token.p11.C_DecryptUpdate(session.id(), 0, -+ blockBuffer, 0, blockBufferLen, outAddr, -+ outArray, outOfs, outLen); - } else { -- if (paddingObj == null) -- k = token.p11.C_DecryptUpdate(session.id(), 0, -- blockBuffer, 0, blockBufferLen, outAddr, -- outArray, outOfs, outLen); -- else - k = token.p11.C_DecryptUpdate(session.id(), 0, - blockBuffer, 0, blockBufferLen, 0, - padBuffer, 0, padBuffer.length); - } -- updating = false; -- } - -- if (encrypt) { -- if (paddingObj != null) { -- int actualPadLen = paddingObj.setPaddingBytes(padBuffer, -- requiredOutLen - bytesBuffered); -- updating = true; -- k = token.p11.C_EncryptUpdate(session.id(), -- 0, padBuffer, 0, actualPadLen, -- outAddr, outArray, outOfs, outLen); -- updating = false; -- } -- k += token.p11.C_EncryptFinal(session.id(), -- outAddr, outArray, (outOfs + k), (outLen - k)); -- } else { - if (paddingObj != null) { - k += token.p11.C_DecryptFinal(session.id(), - 0, padBuffer, k, padBuffer.length - k); diff --git a/SOURCES/rh905128-non_block_ciphers.patch b/SOURCES/rh905128-non_block_ciphers.patch deleted file mode 100644 index a901b90..0000000 --- a/SOURCES/rh905128-non_block_ciphers.patch +++ /dev/null @@ -1,62 +0,0 @@ -diff --git a/src/share/classes/sun/security/pkcs11/P11Cipher.java b/src/share/classes/sun/security/pkcs11/P11Cipher.java ---- openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java -+++ openjdk/jdk/src/share/classes/sun/security/pkcs11/P11Cipher.java -@@ -770,17 +770,19 @@ - ensureInitialized(); - int k = 0; - if (encrypt) { -- // Do we need to pad? -- if (paddingObj != null) { -- int actualPadLen = paddingObj.setPaddingBytes(blockBuffer, -- blockBufferLen, blockSize - blockBufferLen); -- blockBufferLen = blockSize; -+ if (blockBuffer != null) { -+ // Do we need to pad? -+ if (paddingObj != null) { -+ int actualPadLen = paddingObj.setPaddingBytes(blockBuffer, -+ blockBufferLen, blockSize - blockBufferLen); -+ blockBufferLen = blockSize; -+ } -+ updating = true; -+ k = token.p11.C_EncryptUpdate(session.id(), -+ 0, blockBuffer, 0, blockBufferLen, -+ 0, out, outOfs, outLen); -+ updating = false; - } -- updating = true; -- k = token.p11.C_EncryptUpdate(session.id(), -- 0, blockBuffer, 0, blockBufferLen, -- 0, out, outOfs, outLen); -- updating = false; - k += token.p11.C_EncryptFinal(session.id(), - 0, out, (outOfs + k), (outLen - k)); - } else { -@@ -859,17 +861,19 @@ - int k = 0; - - if (encrypt) { -- // Do we need to pad? -- if (paddingObj != null) { -- int actualPadLen = paddingObj.setPaddingBytes(blockBuffer, -- blockBufferLen, blockSize - blockBufferLen); -- blockBufferLen = blockSize; -- } -- updating = true; -- k = token.p11.C_EncryptUpdate(session.id(), -+ if (blockBuffer != null) { -+ // Do we need to pad? -+ if (paddingObj != null) { -+ int actualPadLen = paddingObj.setPaddingBytes(blockBuffer, -+ blockBufferLen, blockSize - blockBufferLen); -+ blockBufferLen = blockSize; -+ } -+ updating = true; -+ k = token.p11.C_EncryptUpdate(session.id(), - 0, blockBuffer, 0, blockBufferLen, - outAddr, outArray, outOfs, outLen); -- updating = false; -+ updating = false; -+ } - k += token.p11.C_EncryptFinal(session.id(), - outAddr, outArray, (outOfs + k), (outLen - k)); - } else { diff --git a/SPECS/java-1.7.0-openjdk.spec b/SPECS/java-1.7.0-openjdk.spec index 087b445..25292c1 100644 --- a/SPECS/java-1.7.0-openjdk.spec +++ b/SPECS/java-1.7.0-openjdk.spec @@ -5,24 +5,18 @@ # conflicting) files in the -debuginfo package %undefine _missing_build_ids_terminate_build -%global icedtea_version 2.4.5 +%global icedtea_version 2.4.7 %global hg_tag icedtea-{icedtea_version} %global aarch64 aarch64 arm64 armv8 %global multilib_arches %{power64} sparc64 x86_64 %{aarch64} %global jit_arches %{ix86} x86_64 sparcv9 sparc64 - -%global enable_nss 0 - # With diabled nss is NSS deactivated, so in NSS_LIBDIR can be wrong path # the initialisation must be here. LAter the pkg-connfig have bugy behaviour #looks liekopenjdk RPM specific bug -%if %{enable_nss} +# Always set this so the nss.cfg file is not broken %global NSS_LIBDIR %(pkg-config --variable=libdir nss) -%else -%global NSS_LIBDIR "" -%endif %ifarch x86_64 %global archbuild amd64 @@ -116,9 +110,9 @@ # Standard JPackage naming and versioning defines. %global origin openjdk -%global updatever 51 +%global updatever 55 #Fedora have an bogus 60 instead of updatever. Fix when updatever>=60 in version: -%global buildver 31 +%global buildver 13 # Keep priority on 6digits in case updatever>9 %global priority 1700%{updatever} %global javaver 1.7.0 @@ -159,7 +153,7 @@ Name: java-%{javaver}-%{origin} Version: %{javaver}.%{updatever} -Release: %{icedtea_version}.5%{?dist} +Release: %{icedtea_version}.2%{?dist} # java-1.5.0-ibm from jpackage.org set Epoch to 1 for unknown reasons, # and this change was brought into RHEL-4. java-1.5.0-ibm packages # also included the epoch in their virtual provides. This created a @@ -188,7 +182,7 @@ URL: http://openjdk.java.net/ # hg clone $REPO/jdk/ openjdk/jdk -r %{hg_tag} # hg clone $REPO/langtools/ openjdk/langtools -r %{hg_tag} # find openjdk -name ".hg" -exec rm -rf '{}' \; -# sh /git/java-1.7.0-openjdk/rhel-X.Y/fsg.sh +# sh /git/java-1.7.0-openjdk/rhel-7.0/fsg.sh # tar cJf openjdk-icedtea-%{icedtea_version}.tar.xz openjdk Source0: openjdk-icedtea-%{icedtea_version}.tar.xz @@ -258,27 +252,6 @@ Patch100: rhino.patch Patch106: %{name}-freetype-check-fix.patch -#Start of NSS patches -# NSS/AES patch -Patch108: %{name}-aes-buffering.patch - -Patch113: %{name}-aes-update_reset.patch - -Patch114: %{name}-nss-tck.patch - -Patch115: %{name}-nss-split_results.patch - -Patch116: rh905128-non_block_ciphers.patch - -# NSS config patch for build time -Patch109: %{name}-nss-config-1.patch - - -# NSS config patch for runtime time -Patch111: %{name}-nss-config-2.patch - -#END of NSS patches - # allow to create hs_pid.log in tmp (in 700 permissions) if working directory is unwritable Patch200: abrt_friendly_hs_log_jdk7.patch @@ -291,9 +264,7 @@ Patch200: abrt_friendly_hs_log_jdk7.patch Patch300: pulse-soundproperties.patch # Temporary patches - #Workaround RH902004 -Patch402: gstackbounds.patch Patch403: PStack-808293.patch # End of tmp patches @@ -329,7 +300,6 @@ BuildRequires: at-spi-devel BuildRequires: gawk BuildRequires: pkgconfig >= 0.9.0 BuildRequires: xorg-x11-utils -BuildRequires: nss-devel # PulseAudio build requirements. %if %{with_pulseaudio} BuildRequires: pulseaudio-libs-devel >= 0.9.11 @@ -338,6 +308,8 @@ BuildRequires: pulseaudio-libs-devel >= 0.9.11 %ifnarch %{jit_arches} BuildRequires: libffi-devel >= 3.0.10 %endif +# Requirements for setting up the nss.cfg +BuildRequires: nss-devel # cacerts build requirement. BuildRequires: openssl @@ -383,7 +355,6 @@ The OpenJDK runtime environment. Summary: The OpenJDK runtime environment without audio and video support Group: Development/Languages -Requires: rhino Requires: lcms2 >= 2.5 Requires: libjpeg = 6b # Require /etc/pki/java/cacerts. @@ -392,10 +363,6 @@ Requires: ca-certificates Requires: jpackage-utils >= 1.7.3-1jpp.2 # Require zoneinfo data provided by tzdata-java subpackage. Requires: tzdata-java -# nss provider requirements -%if %{enable_nss} -Requires: nss%{?_isa} -%endif # Post requires alternatives to install tool alternatives. Requires(post): %{_sbindir}/alternatives # Postun requires alternatives to uninstall tool alternatives. @@ -561,17 +528,6 @@ tar xzf %{SOURCE9} %patch106 %patch200 -# NSS patches 1 -%if %{enable_nss} -%patch108 -%patch113 -%patch114 -%patch115 -%patch109 -%patch116 -%endif - -%patch402 %patch403 @@ -704,13 +660,6 @@ chmod 755 $JAVA_HOME/jre/bin/java cp -a %{SOURCE8} $JAVA_HOME/jre/lib/security/ sed -i -e s:@NSS_LIBDIR@:%{NSS_LIBDIR}:g $JAVA_HOME/jre/lib/security/nss.cfg -# NSS patches 2 - default enabling in runtime -%if %{enable_nss} -pushd $JAVA_HOME/jre/lib/security/ -patch -l -p0 < %{PATCH111} -popd -%endif - # Build pulseaudio and install it to JDK build location %if %{with_pulseaudio} pushd pulseaudio @@ -1452,6 +1401,23 @@ exit 0 %{_jvmdir}/%{jredir}/lib/accessibility.properties %changelog +* Fri May 30 2014 Andrew John Hughes - 1.7.0.55-2.4.7.2 +- Remove NSS patches. Issues with PKCS11 provider mean it shouldn't be enabled. +- Always setup nss.cfg and depend on nss-devel at build-time to do so. +- This allows users who wish to use PKCS11+NSS to just add it to java.security. +- Patches to PKCS11 provider will be included upstream in 2.4.8 (ETA July 2014) +- Resolves: rhbz#1099565 + +* Tue May 20 2014 Jiri Vanek - 1.7.0.55-2.4.7.0.el7 +- bumped to future icedtea-forest 2.4.7 +- updatever set to 55, buildver se to 13, release reset to 0 +- removed upstreamed patch402 gstackbounds.patch +- removed Requires: rhino, BuildRequires is enough +- ppc64 repalced by power64 macro +- patch111 applied as dry-run (6.6 forward port) +- nss enabled, but notused as default (6.6 forward port) +- Resolves: rhbz#1099565 + * Fri Apr 04 2014 Jiri Vanek - 1.7.0.51-2.4.5.5.el7 - added OrderWithRequires on headless where possible - Resolves: rhbz#1038092